A duty to protect data
Calor cares about the safety, integrity and privacy of customer data – not just in terms of following the law, but as a human right. As a data controller, we are very conscious of our duty to protect the data we collect wherever we process it. That’s why our recent company-wide project to comply with General Data Protection Regulation data legislation in Europe (the GDPR) addressed an important issue regarding Ireland and Northern Ireland.
Data integrity across borders
Calor's two Irish business units – Calor Teoranta in the Republic of Ireland and Calor Gas in Northern Ireland – work closely together as they share personal data from our shared customers and employees across the island of Ireland to provide joint services. Of course, our compliance programme and our internal policies ensure that we always adhere to the data legislation of both Ireland and Northern Ireland, in addition to the GDPR.
Ensuring compliance in the world of Brexit
We are also looking ahead to the unknowns around Brexit, and whether Northern Ireland may be considered as part of a non-EEA country for data protection purposes when the UK leaves the EU in 2019. While Brexit will have implications for Calor in many sectors, privacy is a priority for us. For this reason, we have considered its potential impact in all of our data processing arrangements. This is especially important in areas such as the employee payroll and customer payment data. We will make sure that data from all of our customers and employees enjoys the same exact protections as data subjects throughout the EU, now and after 2019. Where necessary, we will focus processing in the Republic of Ireland. If processing needs to take place outside of the EU, we will adopt compatible standards to the GDPR, such as Binding Corporate Rules.
Calor is aware of the data privacy challenges such as these that Brexit poses, and we will continue to monitor the progress of Brexit with this very much in mind.